From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 32346C4167B for ; Tue, 12 Dec 2023 20:47:16 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id D3CA56B036E; Tue, 12 Dec 2023 15:47:11 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id C70E46B036F; Tue, 12 Dec 2023 15:47:11 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id A50226B0371; Tue, 12 Dec 2023 15:47:11 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0015.hostedemail.com [216.40.44.15]) by kanga.kvack.org (Postfix) with ESMTP id 6C2DE6B036F for ; Tue, 12 Dec 2023 15:47:11 -0500 (EST) Received: from smtpin21.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay09.hostedemail.com (Postfix) with ESMTP id 3DF6C80B27 for ; Tue, 12 Dec 2023 20:47:11 +0000 (UTC) X-FDA: 81559351062.21.F6247C6 Received: from mail-pl1-f201.google.com (mail-pl1-f201.google.com [209.85.214.201]) by imf09.hostedemail.com (Postfix) with ESMTP id 65C2B14001B for ; Tue, 12 Dec 2023 20:47:09 +0000 (UTC) Authentication-Results: imf09.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=vSLZzn9O; dmarc=pass (policy=reject) header.from=google.com; spf=pass (imf09.hostedemail.com: domain of 3zMZ4ZQUKCG8fNTVfTbbTYR.PbZYVahk-ZZXiNPX.beT@flex--sagis.bounces.google.com designates 209.85.214.201 as permitted sender) smtp.mailfrom=3zMZ4ZQUKCG8fNTVfTbbTYR.PbZYVahk-ZZXiNPX.beT@flex--sagis.bounces.google.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1702414029; a=rsa-sha256; cv=none; b=VAEmPENUtBCn2reWeO4zHYEGF5Is7vHMo27K5pa2DlNrYk5c8xu/ZuJXrpjzXkP3xC4nvL DKC2dFmoTPywbpWIOBhm50o1g4Lf9vW64KD/QP5iuD28y5SCEKGYoBOiCo2fIHcEpNMiFX H4ftBPFX1KqniV5wgBtJ7FCXKFPPv+c= ARC-Authentication-Results: i=1; imf09.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=vSLZzn9O; dmarc=pass (policy=reject) header.from=google.com; spf=pass (imf09.hostedemail.com: domain of 3zMZ4ZQUKCG8fNTVfTbbTYR.PbZYVahk-ZZXiNPX.beT@flex--sagis.bounces.google.com designates 209.85.214.201 as permitted sender) smtp.mailfrom=3zMZ4ZQUKCG8fNTVfTbbTYR.PbZYVahk-ZZXiNPX.beT@flex--sagis.bounces.google.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1702414029; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=63FW+3XX5/e8zea7VCMPF1eNiMssQ00z9r2TQiyi8pA=; b=dsMpsl1eWowWRSMVkvmry7C6hKAFCZuny6qW+Y3h8LOZmlxnD47MuR8Tzry7uqPqr1ZuB1 QbkRjOs8Hi1tweS2e1NOHNDA2Dbf9XN6fOoI9kzwc24L9Ehz8bgsItGWmiOs0c2PwvAH+t gVYj/AkaV3V9xA88DyFh1TA/pqcOvzk= Received: by mail-pl1-f201.google.com with SMTP id d9443c01a7336-1d09a64eaebso54431475ad.3 for ; Tue, 12 Dec 2023 12:47:09 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1702414028; x=1703018828; darn=kvack.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=63FW+3XX5/e8zea7VCMPF1eNiMssQ00z9r2TQiyi8pA=; b=vSLZzn9O3kl6pZ7CRtLtibUvB654hI4OKtTjDO4gJQxWTzZiYV6JKFFjyTVt19+Us2 WiOrIwlexBnzwbHlDHNLpdVnKBm8UnC0zXxOUJteQpXIE6Eo8oGZdnewgrscvj828EmQ 4YbMWto6xTHYZvqAx+9l/nwigQAfkcm4wN3hNytKKb/hrgKN7Bw1Jm0Pd38OLxezgAEr Q4y6lFiOV3wa89e6+Cz8mgpymkP/WPEu9PvISy7c5qoacaVWrpEwUxwp1ZtcJ4fE68Sr 3Avaz5sWWFFQNSdqCH5p89vyzJOilGD2KAugGXZqsfTPokpb18Zz9ORQmZUBlp9YxLUZ kY/A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1702414028; x=1703018828; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=63FW+3XX5/e8zea7VCMPF1eNiMssQ00z9r2TQiyi8pA=; b=KQU6UHf04OXRD2kw3opV0TknJnJgQZB7Z05UICGAWxyUna6oeh/SWJpdKxSLFAQDPd gqOCl0llmIDWQ1uXpG9iT6NzWe15E2fBW0U1OyzvO4c/0tkOPNtrHV/YRKYPdDlZA9lP /VwisJ6BQcvOw2jGnPU9gYZjlfBLC2KbwJKeWLDUhA55TdWwDGNQA3Depza+ygnshNxN QSrP6/eB6Lg5d7wTkC0mUSMhGEDwGkGT3vzK9UYNDnk037abaayGxefG1WQrqFFqrwyZ Rku+ZR5JVprkuWYxI4Rv0V0t27CH5aAmwOrqPgodEz99SFcNm6uZ3Th4Bl5+1iiTqUsQ BtSQ== X-Gm-Message-State: AOJu0YwsnXDo72xaP7XfheJfmm6wxpdUTSiK/xLC5ce+gCLpRo9LGBuc Rofsx80SDyIR+20Q8oikTaUOE7sosg== X-Google-Smtp-Source: AGHT+IH6ncVDoAW1Mu0I8+yN+N2a6MAdsdDn6tV65AJTStVCqp2NOxk5JgLw7Qu1wnmKPp61ATAwmDH9Kg== X-Received: from sagi.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:241b]) (user=sagis job=sendgmr) by 2002:a17:902:e74e:b0:1d0:820a:cf0d with SMTP id p14-20020a170902e74e00b001d0820acf0dmr51718plf.6.1702414028261; Tue, 12 Dec 2023 12:47:08 -0800 (PST) Date: Tue, 12 Dec 2023 12:46:21 -0800 In-Reply-To: <20231212204647.2170650-1-sagis@google.com> Mime-Version: 1.0 References: <20231212204647.2170650-1-sagis@google.com> X-Mailer: git-send-email 2.43.0.472.g3155946c3a-goog Message-ID: <20231212204647.2170650-7-sagis@google.com> Subject: [RFC PATCH v5 06/29] KVM: selftests: TDX: Use KVM_TDX_CAPABILITIES to validate TDs' attribute configuration From: Sagi Shahar To: linux-kselftest@vger.kernel.org, Ackerley Tng , Ryan Afranji , Erdem Aktas , Sagi Shahar , Isaku Yamahata Cc: Sean Christopherson , Paolo Bonzini , Shuah Khan , Peter Gonda , Haibo Xu , Chao Peng , Vishal Annapurve , Roger Wang , Vipin Sharma , jmattson@google.com, dmatlack@google.com, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-mm@kvack.org Content-Type: text/plain; charset="UTF-8" X-Rspam-User: X-Rspamd-Server: rspam06 X-Rspamd-Queue-Id: 65C2B14001B X-Stat-Signature: t3tj7uwm3cu9srds7wg8j7mf1jkbakzh X-HE-Tag: 1702414029-240657 X-HE-Meta: U2FsdGVkX1/A12hgYHj/xxhMb0kSWKyb4Qgn6kOyyVcZ6QGkgBnal+SakQJgEEu4dLvshFTVjh0P5is4UraZOf7ALE7A8Gjj1kbm8xB2P+N4g1t/GS1aK9vCmnNDTDfMh5VJuLZslWzexkLgstLNAXVzjyomJNcGamDNhpWtHj8++hJTzb63ygp3Dh9BDwrfQwy9hqnrXPsZorRvtFgo5i+hOrEovXcbvFlTuzmDQt1WfYa9c3UVCs6of3itCI2E8DcwznlvdJXtNyqEf6gycOs5ENfNYyI5WIFjop4dYLD/RAqFWnFf5DaytYLDGm7J3zO+hkkt+HtRTUFObp8U/OEJbTM7YlVNf5hKO3DYbKMQybED+vn6xMMvJzevBWB1Sls7E0X8XQ/7Zag83Q/yYyRy7Nrtf2m88f7E1zmKUTjw1w9SXjJbkwWkkvymOfGmI7RmhkxLVxafLFcU7xU5lrpUFcKhqtiIT871K/uFVaILnhKbPHHRWy1W6vOHKyHBJgONHPxQUuIN/4ImGZhA708/L5LBAyNuuR5CPwg11GZNTak4gBRLoL0AjbsR5s2q73goOIziGe/7q5g7teqsxUFPLgYJ5I+4tcIeIZeB3h+xV7ClHIyeEiy3RADwZxViLKUSfBELoBLAcrvw49FzFjL+aOXVqNVES5BBLRGBTU91Q1TmtK0Y1sJpXCH+oDGgS1CK80Th/hTr6zNOmC97AcIdHAdVwGl3+MgM/8dzMe6EyJAX+W7a66kXjtY+616SXXKTbSKGTb0evvyMhD1cUeeN2aRaLDhXMuD99TPeK8+jjyUUuDjykTPyunp1rxQn/aIp+x7YRJDvtcpq/adwveM5uVbCsbc/gtG9I5ReAC+btbQLV+/vbIm0ts2kbwM8QItLNO6/domzGY5ogd+OYGr2MlwWdtVa2U0wP9kveZQnhpqLJlK14DyB2PAeX+9qDAvFftHXgjpT2+lRLo0 Z6ky4LQ+ EEnTF8mqUA4I0ctjlN7HBtcdl4zxY72BFQTlA5Qj9v2fU+jHgeyjOyoOoaycpho+4AJy3wTP8ySlrnNRGwrwncURIIfZ4WKNwt15CidM3hexCrgSdQnRmxv7Ebu08gWnrVpiohPYA7WFf1SqCwGapgPWGtH1JLHjAw14d3ff6bcUfc0h2ZVomDy+g8vsbfxdPUDf8hIM9Mn8YeojkzMcYUsWzjKzxP/ADCHR02pPyeyFoz74KODPNCIjECEN3PeLvwsKrz0hG1kCAeRnJDwJ6qYSUDtNXohFOcAFk2Ue/PWZuoisUds5g+iDJ6mz7ghGORqp2DlSsLm/dbMqLjhhFsFImbPaCehlZ9cEJRgKQvt7vscesp3dmRv1sCfKvlN345InTfmIQKza5c4g7kN5H7EWbX9xTV0I7hk4XWMrHPUCFblA9WiMTldg5zodQ+m3JR6Ye4+MAEHrkSyCaQsxpVV76zprLS16qMceCCVMN0f7IH7T4tKqPvx5dWlJa2k1rYoC7vNskZR1g6cI3V8pk8AclFCc0Y0vctbOwKJeSo9JGYIE2XLZ7xvZRarjBMZhN6gjUffTY+n86rYfeAXZivjGxLAjwYkCkVu/Skg6EOtIjhv/M8RnboBEiDo9a1tZ7eQxWb8nGMKdy780y6lVMf1j7R8KUDdugEpJCXdUV/ACW+E8= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: From: Ackerley Tng This also exercises the KVM_TDX_CAPABILITIES ioctl. Suggested-by: Isaku Yamahata Signed-off-by: Ackerley Tng Signed-off-by: Ryan Afranji Signed-off-by: Sagi Shahar --- .../selftests/kvm/lib/x86_64/tdx/tdx_util.c | 69 ++++++++++++++++++- 1 file changed, 66 insertions(+), 3 deletions(-) diff --git a/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx_util.c b/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx_util.c index 9b69c733ce01..6b995c3f6153 100644 --- a/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx_util.c +++ b/tools/testing/selftests/kvm/lib/x86_64/tdx/tdx_util.c @@ -27,10 +27,9 @@ static char *tdx_cmd_str[] = { }; #define TDX_MAX_CMD_STR (ARRAY_SIZE(tdx_cmd_str)) -static void tdx_ioctl(int fd, int ioctl_no, uint32_t flags, void *data) +static int _tdx_ioctl(int fd, int ioctl_no, uint32_t flags, void *data) { struct kvm_tdx_cmd tdx_cmd; - int r; TEST_ASSERT(ioctl_no < TDX_MAX_CMD_STR, "Unknown TDX CMD : %d\n", ioctl_no); @@ -40,11 +39,58 @@ static void tdx_ioctl(int fd, int ioctl_no, uint32_t flags, void *data) tdx_cmd.flags = flags; tdx_cmd.data = (uint64_t)data; - r = ioctl(fd, KVM_MEMORY_ENCRYPT_OP, &tdx_cmd); + return ioctl(fd, KVM_MEMORY_ENCRYPT_OP, &tdx_cmd); +} + +static void tdx_ioctl(int fd, int ioctl_no, uint32_t flags, void *data) +{ + int r; + + r = _tdx_ioctl(fd, ioctl_no, flags, data); TEST_ASSERT(r == 0, "%s failed: %d %d", tdx_cmd_str[ioctl_no], r, errno); } +static struct kvm_tdx_capabilities *tdx_read_capabilities(struct kvm_vm *vm) +{ + int i; + int rc = -1; + int nr_cpuid_configs = 4; + struct kvm_tdx_capabilities *tdx_cap = NULL; + + do { + nr_cpuid_configs *= 2; + + tdx_cap = realloc( + tdx_cap, sizeof(*tdx_cap) + + nr_cpuid_configs * sizeof(*tdx_cap->cpuid_configs)); + TEST_ASSERT(tdx_cap != NULL, + "Could not allocate memory for tdx capability nr_cpuid_configs %d\n", + nr_cpuid_configs); + + tdx_cap->nr_cpuid_configs = nr_cpuid_configs; + rc = _tdx_ioctl(vm->fd, KVM_TDX_CAPABILITIES, 0, tdx_cap); + } while (rc < 0 && errno == E2BIG); + + TEST_ASSERT(rc == 0, "KVM_TDX_CAPABILITIES failed: %d %d", + rc, errno); + + pr_debug("tdx_cap: attrs: fixed0 0x%016llx fixed1 0x%016llx\n" + "tdx_cap: xfam fixed0 0x%016llx fixed1 0x%016llx\n", + tdx_cap->attrs_fixed0, tdx_cap->attrs_fixed1, + tdx_cap->xfam_fixed0, tdx_cap->xfam_fixed1); + + for (i = 0; i < tdx_cap->nr_cpuid_configs; i++) { + const struct kvm_tdx_cpuid_config *config = + &tdx_cap->cpuid_configs[i]; + pr_debug("cpuid config[%d]: leaf 0x%x sub_leaf 0x%x eax 0x%08x ebx 0x%08x ecx 0x%08x edx 0x%08x\n", + i, config->leaf, config->sub_leaf, + config->eax, config->ebx, config->ecx, config->edx); + } + + return tdx_cap; +} + #define XFEATURE_MASK_CET (XFEATURE_MASK_CET_USER | XFEATURE_MASK_CET_KERNEL) static void tdx_apply_cpuid_restrictions(struct kvm_cpuid2 *cpuid_data) @@ -78,6 +124,21 @@ static void tdx_apply_cpuid_restrictions(struct kvm_cpuid2 *cpuid_data) } } +static void tdx_check_attributes(struct kvm_vm *vm, uint64_t attributes) +{ + struct kvm_tdx_capabilities *tdx_cap; + + tdx_cap = tdx_read_capabilities(vm); + + /* TDX spec: any bits 0 in attrs_fixed0 must be 0 in attributes */ + TEST_ASSERT_EQ(attributes & ~tdx_cap->attrs_fixed0, 0); + + /* TDX spec: any bits 1 in attrs_fixed1 must be 1 in attributes */ + TEST_ASSERT_EQ(attributes & tdx_cap->attrs_fixed1, tdx_cap->attrs_fixed1); + + free(tdx_cap); +} + static void tdx_td_init(struct kvm_vm *vm, uint64_t attributes) { const struct kvm_cpuid2 *cpuid; @@ -91,6 +152,8 @@ static void tdx_td_init(struct kvm_vm *vm, uint64_t attributes) memset(init_vm, 0, sizeof(*init_vm)); memcpy(&init_vm->cpuid, cpuid, kvm_cpuid2_size(cpuid->nent)); + tdx_check_attributes(vm, attributes); + init_vm->attributes = attributes; tdx_apply_cpuid_restrictions(&init_vm->cpuid); -- 2.43.0.472.g3155946c3a-goog